Forum Discussion

boneyard's avatar
boneyard
Icon for MVP rankMVP
May 08, 2013

APM multiple policies on one virtual server

is it possible to have different policies on one virtual server?   would like to have something with two urls (see below) with different policies (authentication methods), but can't find how to se...
BIG-IP Access Policy Manager (APM)
remote access
security
Seth_Cooper's avatar
Seth_Cooper
Icon for Employee rankEmployee
May 08, 2013

Hi boneyard,

 

 

You can do this but not in two separate policies. You will just have to split the policy based off of URI.

 

 

In the VPN after your start object you need to add a "Server Side Check" of "Landing URI". Configure your two branch rules, one for employees and one for contractors, and then you can have different authenticators, webtop, and resource assigns, login pages, etc per URI.

 

 

Thanks,

 

Seth

 

  • ZANOOB's avatar
    ZANOOB
    Icon for Cirrus rankCirrus
    Dec 07, 2023

    How about if it is not for VPN.

    I have two url  us1.exmaple.com and us2.exmaple.com pointing to same virtaul server.

    The viratul server only have the option to apply one APM policy.

    We are using SMAL authentication , hence two APM profile (each profile can have only one entity ID).

    I couldnt any irule available for it.

    Thought this the below might work , but i think there is a syntax error to it.

    when HTTP_REQUEST {
    if {not ([string tolower [HTTP::host]] starts_with "us1.example.com")}
    {ACCESS SAML_us1
    else
    {ACCESS SAML_us1}
    }